[unisog] Super-hidden spamming exploits?

Jeff Bollinger jeff01 at email.unc.edu
Thu Sep 25 20:56:42 GMT 2003

Rita Seplowitz Saltz wrote:
> Greetings.
> We've seen a number of student-owned MS Windows machines exploited by 
> spammers, even after the "usual suspects" have been addressed 
> (administrator password, backdoors, remote code, spyware, assorted 
> viruses) and the systems are believed to have been locked down securely.
> Has anyone else seen this kind of thing?  And, if so,  have you any 
> helpful insights to offer?
> Thanks,
> Rita Saltz
> [now] Senior Policy Advisor
> Office of Information Technology (OIT)
> Princeton University
> rita at princeton.edu

Yes!  We have seen several instances of this.  Have a look at this 
analysis from the Full-Disclosure mailing list.  It has some information 
regarding this exploit that we have confirmed (audio.exe, etc.)


Jeff Bollinger, CISSP
University of North Carolina
IT Security Analyst
105 Abernethy Hall
mailto: jeff @unc dot edu

More information about the unisog mailing list